Microsoft recently published their roadmap for Windows 10 and Mobile one of the interesting features on it was unlocking a Windows 10 PC with a companion device. Now, the company has gone ahead and detailed how that Companion Device Framework (CDF) will work including what options developers would need to take to enable the feature.
The details including the model of the framework, restrictions, and requirements are all revealed in a new developer article published today by Microsoft titled 'Windows Unlock and companion devices'.
The idea behind the Companion Device Framework is simple: you want to utilize the Windows Hello and Passport security features, but the hardware does not have a fingerprint reader or biometric camera. Using an external device can complete that process, so long as it is secure and uses the CDF. That ability is good for two reasons (1) old hardware that does not have builtin biometric features and (2) low-cost hardware where consumers may want to add the security feature later.
Microsoft details some other usage scenarios:
- Attach their companion device to PC via USB, touch the button on the companion device, and automatically unlock their PC.
- Carry a phone in their pocket that is already paired with PC over Bluetooth. Upon hitting the spacebar on their PC, their phone receives a notification. Approve it and the PC simply unlocks.
- Tap their companion device to an NFC reader to quickly unlock their PC.
- Wear a fitness band that has already authenticated the wearer. Upon approaching PC, and by performing a special gesture (like clapping), the PC unlocks.
The first example sounds an awful lot like a YubiKey, which acts as a 2-pass-authentication for things like LastPass. The second example is something that Windows 10 Mobile users can expect likely this year with the Redstone update, and it should prove to be very convenient. Likewise, the fourth option is aimed at Microsoft Band users and should provide yet another way to get into your computer without typing a password.
Not all apps can just jump on board with Microsoft's CDF as developers will need to be "specifically provisioned by Microsoft and list the restricted secondaryAuthenticatorFactor capability in its manifest." That translates to applying for approval as the system deals with security, logging in and could jeopardize user privacy.
Interestingly, Samsung has already done this companion unlocking, and it exists today. The new Galaxy TabPro S with Windows 10 can be unlocked via the fingerprint reader on the Galaxy S7 and S7 Edge using an app called Samsung Flow. We'll have more on how that system works in a forthcoming article shortly.